package com.suitsoft.bdms.service.account;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 *
 *@author Suine
 */
public class MyUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter{
	/** 日志输出对象 */
	protected final Logger logger = LoggerFactory.getLogger(getClass());
	
	@SuppressWarnings("unused")
	private String USERNAME = "j_username";
	private String PASSWORD = "j_password";
	
	@Override
	public Authentication attemptAuthentication(HttpServletRequest request,
			HttpServletResponse response) throws AuthenticationException {
		if (!request.getMethod().equals("POST")) {  
			throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());  
		}  
		
		String username = obtainUsername(request).trim();
		String password = obtainPassword(request).trim();
		
		if(!username.equals("admin") && password.equals("admin")){
			
		}else{
			@SuppressWarnings("unused")
			UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
		}
		return super.attemptAuthentication(request, response);
	}

	public String obtainPassword(HttpServletRequest request){
		String password = request.getParameter(PASSWORD);
		return password == null ? "" : password;
	}
	
}

